3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-02 08:19:23 +02:00
Code Issues Projects Releases Packages Wiki Activity

cryptutil: use bytes for hmac (#2067)

Browse source
This commit is contained in:
Caleb Doxsey 2021-04-07 14:57:24 -06:00 committed by GitHub
parent a935c1ba30
commit a51c7140ea
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 28 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

6
authenticate/handlers.go
View file

@ -79,7 +79,7 @@ func (a *Authenticate) mountDashboard(r *mux.Router) {
c := cors.New(cors.Options{
AllowOriginRequestFunc: func(r *http.Request, _ string) bool {
state := a.state.Load()
err := middleware.ValidateRequestURL(r, string(state.sharedSecret))
err := middleware.ValidateRequestURL(r, state.sharedSecret)
if err != nil {
log.FromRequest(r).Info().Err(err).Msg("authenticate: origin blocked")
}
@ -243,7 +243,7 @@ func (a *Authenticate) SignIn(w http.ResponseWriter, r *http.Request) error {
// build our hmac-d redirect URL with our session, pointing back to the
// proxy's callback URL which is responsible for setting our new route-session
uri := urlutil.NewSignedURL(options.SharedKey, callbackURL)
uri := urlutil.NewSignedURL([]byte(options.SharedKey), callbackURL)
httputil.Redirect(w, r, uri.String(), http.StatusFound)
return nil
}
@ -606,5 +606,5 @@ func (a *Authenticate) getSignOutURL(r *http.Request) (*url.URL, error) {
urlutil.QueryRedirectURI: {redirectURI},
}).Encode()
}
return urlutil.NewSignedURL(a.options.Load().SharedKey, uri).Sign(), nil
return urlutil.NewSignedURL([]byte(a.options.Load().SharedKey), uri).Sign(), nil
}